EP3895355A1 - Real-time soft combining, crc validation, and mic validation of decrypted packets - Google Patents

Real-time soft combining, crc validation, and mic validation of decrypted packets

Info

Publication number
EP3895355A1
EP3895355A1 EP19836218.8A EP19836218A EP3895355A1 EP 3895355 A1 EP3895355 A1 EP 3895355A1 EP 19836218 A EP19836218 A EP 19836218A EP 3895355 A1 EP3895355 A1 EP 3895355A1
Authority
EP
European Patent Office
Prior art keywords
crc
pdu
decrypted
payloads
mic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP19836218.8A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP3895355B1 (en
Inventor
Vishal Agarwal
Huibert Denboer
Giriraj Goyal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of EP3895355A1 publication Critical patent/EP3895355A1/en
Application granted granted Critical
Publication of EP3895355B1 publication Critical patent/EP3895355B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/12Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/18Automatic repetition systems, e.g. Van Duuren systems
    • H04L1/1829Arrangements specially adapted for the receiver end
    • H04L1/1835Buffer management
    • H04L1/1845Combining techniques, e.g. code combining
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0001Systems modifying transmission characteristics according to link quality, e.g. power backoff
    • H04L1/0002Systems modifying transmission characteristics according to link quality, e.g. power backoff by adapting the transmission rate
    • H04L1/0003Systems modifying transmission characteristics according to link quality, e.g. power backoff by adapting the transmission rate by switching between different modulation schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/12Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/1607Details of the supervisory signal
    • H04L1/1614Details of the supervisory signal using bitmaps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L5/00Arrangements affording multiple use of the transmission path
    • H04L5/003Arrangements for allocating sub-channels of the transmission path
    • H04L5/0053Allocation of signaling, i.e. of overhead other than pilot signals
    • H04L5/0055Physical resource allocation for ACK/NACK
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0041Arrangements at the transmitter end
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0045Arrangements at the receiver end
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056Systems characterized by the type of code used
    • H04L1/0061Error detection codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/12Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/18Automatic repetition systems, e.g. Van Duuren systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present disclosure relates generally to communication systems, and more particularly, to soft combining of decrypted packets.
  • a wireless personal area network is a personal, short-range wireless network for interconnecting devices centered around a specific distance from a user.
  • WPANs have gained popularity because of the flexibility and convenience in connectivity that WPANs provide.
  • WPANs such as those based on short-range communication protocols (e.g., a Bluetooth ® (BT) protocol, a Bluetooth ® Low Energy (BLE) protocol, a Zigbee ® protocol, etc.), provide wireless connectivity to peripheral devices by providing wireless links that allow connectivity within a specific distance (e.g., 5 meters, 10 meter, 20 meters, 100 meters, etc.).
  • BT is a short-range wireless communication protocol that supports a WPAN between a central device (e.g., a master device) and at least one peripheral device (e.g., a slave device). Power consumption associated with BT communications may render BT impractical in certain applications, such as applications in which an infrequent transfer of data occurs.
  • BLE was developed and adopted in various applications in which an infrequent transfer of data occurs.
  • BLE exploits the infrequent transfer of data by using a low duty cycle operation, and switching at least one of the central device and/or peripheral device(s) to a sleep mode in between data transmissions.
  • a BLE communications link between two devices may be established using, e.g., hardware, firmware, host operating system, host software stacks, and/or host application support.
  • Example applications that use BLE include battery-operated sensors and actuators in various medical, industrial, consumer, and fitness applications.
  • BLE may be used to connect devices such as BLE enabled smart phones, tablets, and laptops.
  • Transmitted and re transmitted data packets may be encrypted using different encryption parameters, which may cause the re-transmitted data packets to appear as different data packets despite having the same payload.
  • BLE was developed and adopted in various applications in which an infrequent transfer of data occurs. BLE exploits the infrequent transfer of data by using a low duty cycle operation, and switching at least one of the central device and/or peripheral device(s) to a sleep mode in between data transmissions.
  • Example applications that use BLE include battery-operated sensors and actuators in various medical, industrial, consumer, and fitness applications. The BLE applications often connect to devices such as BLE enabled smart phones, tablets, and laptops.
  • the traditional BLE protocol provides only for error detection in the payload of a data packet through the use of a cyclic redundancy check (CRC).
  • CRC cyclic redundancy check
  • retransmission is the means by which errors in the payload may be“corrected,” where correction via retransmission is different than the dynamic correction of the same data packet enabled through FEC. That is, FEC actually corrects the errors in the same data packet, while the retransmission corrects the errors of the current data packet by replacing the current data packet with another version of the data payload, which may or may not include errors.
  • an erroneous data packet may be replaced with a special packet that in effect defines silence or packet loss concealment.
  • the silence packet and/or packet loss concealment may reduce communication quality because portions of the communication may be omitted (e.g., voice breaks during a voice call).
  • using the error correction techniques of traditional BLE may not only reduce the perceived audio quality of a given application, but may also limit a transmit power reduction of a BLE air interface packet due to a limited sensitivity at the receiving device.
  • the receiving device sensitivity may be correlated with the lowest signal power level from which the receiving device may obtain information from a BLE air interface packet without meeting a Bit Error Rate (BER) threshold.
  • BER Bit Error Rate
  • the receiving device sensitivity may limit the transmit power reduction for a BLE air interface packet.
  • Validation of a correctly received packet may be done through the use of CRC.
  • Incorrectly received packets may cause the packet to be retransmitted in response to a request for a new message sent to the transmitting device by the receiving device.
  • the two or more packets may be combined until the receiving device can decode the message error free.
  • Over the air bit errors may cause numerous retransmissions, but if the retransmitted packet is encrypted using different encryption parameters, such as but not limited to Nonce, then the retransmitted packet will appear to be different than the originally transmitted packet despite having the same payload.
  • the error correction techniques of the present disclosure promote error-correction in communication systems that lack FEC or other embedded error correction mechanisms with respect to one or more portions of a data packet by decrypting the data packet to obtain a first payload, soft combining the decrypted first payload with a decrypted set of payloads, generating a CRC based on the soft combined decrypted payloads, and determining whether the generated CRC passes a CRC check against a first CRC.
  • the techniques therefore provide error correction for the entire packet, including packet portions not protected by any embedded error correction mechanism.
  • data communications over noisy communication mediums may be improved as the techniques may reduce bit error rates, and increase the sensitivity of the receiving device such that the transmission power of a data packet may be reduced.
  • the techniques promote increased audio quality over systems that do not employ the techniques described in the present disclosure.
  • a method, a computer-readable medium, and an apparatus may receive a first packet data unit (PDU) and a first CRC that is based on the first PDU.
  • the first PDU may be encrypted based on a first nonce.
  • the apparatus may decrypt the first PDU to obtain a first payload and a first cipher stream.
  • the apparatus may soft combine the decrypted first payload with a decrypted set of payloads.
  • the set of payload may be encrypted based on at least one nonce that is different than the first nonce. However, in some aspects, the set of payload may be encrypted based on a nonce that is the same as the first nonce.
  • the apparatus may generate a second CRC based on the soft combined decrypted payloads and based on the first cipher stream.
  • the apparatus may determine whether the generated second CRC for the soft combined decrypted payloads passes a CRC check against the first CRC.
  • a method, a computer-readable medium, and an apparatus may receive a first PDU and a first CRC that is based on the first PDU.
  • the first PDU may be encrypted based on a first nonce.
  • the apparatus may decrypt the first PDU to obtain a first payload.
  • the apparatus may obtain an error bitmap by soft combining the decrypted first payload with a decrypted set of payloads.
  • the set of payloads may be encrypted based on at least one nonce different than the first nonce. However, in some aspects, the set of payload may be encrypted based on a nonce that is the same as the first nonce.
  • the apparatus may perform an Exclusive OR (XOR) operation on the received first PDU with the obtained error bitmap to obtain a soft combined encrypted payload.
  • the apparatus may generate a second CRC based on the soft combined encrypted payload.
  • the apparatus may determine whether the generated second CRC for the soft combined encrypted payload passes a CRC check against the first CRC.
  • XOR Exclusive OR
  • the one or more aspects comprise the features hereinafter fully described and particularly pointed out in the claims.
  • the following description and the annexed drawings set forth in detail certain illustrative features of the one or more aspects. These features are indicative, however, of but a few of the various ways in which the principles of various aspects may be employed, and this description is intended to include all such aspects and their equivalents.
  • FIG. 1 is a diagram illustrating an example of a WPAN in accordance with certain aspects of the disclosure.
  • FIG. 2 is block diagram of a wireless device in accordance with certain aspects of the disclosure.
  • FIG. 3 is a diagram illustrating a modified BLE protocol stack in accordance with certain aspects of the disclosure.
  • FIG. 4 is a block diagram illustrating a soft combining operation in accordance with certain aspects of the disclosure.
  • FIG. 5 is a block diagram illustrating a header adjustment in accordance with certain aspects of the disclosure.
  • FIG. 6 is a block diagram illustrating another soft combining operation in accordance with certain aspects of the disclosure.
  • FIG. 7 is a block diagram illustrating a MIC calculation operation in accordance with certain aspects of the disclosure.
  • FIG. 8 is a block diagram illustrating another MIC calculation operation in accordance with certain aspects of the disclosure.
  • FIG. 9 is a flowchart of a method of wireless communication.
  • FIG. 10 is a conceptual data flow diagram illustrating the data flow between different means/components in an exemplary apparatus.
  • FIG. 11 is a diagram illustrating an example of a hardware implementation for an apparatus employing a processing system.
  • FIG. 12 is a flowchart of a method of wireless communication.
  • FIG. 13 is a conceptual data flow diagram illustrating the data flow between different means/components in an exemplary apparatus.
  • FIG. 14 is a diagram illustrating an example of a hardware implementation for an apparatus employing a processing system.
  • processors include microprocessors, microcontrollers, graphics processing units (GPUs), central processing units (CPUs), application processors, digital signal processors (DSPs), reduced instruction set computing (RISC) processors, systems on a chip (SoC), baseband processors, field programmable gate arrays (FPGAs), programmable logic devices (PLDs), state machines, gated logic, discrete hardware circuits, and other suitable hardware configured to perform the various functionality described throughout this disclosure.
  • processors in the processing system may execute software.
  • Software shall be construed broadly to mean instructions, instruction sets, code, code segments, program code, programs, subprograms, software components, applications, software applications, software packages, routines, subroutines, objects, executables, threads of execution, procedures, functions, etc., whether referred to as software, firmware, middleware, microcode, hardware description language, or otherwise.
  • the functions described may be implemented in hardware, software, or any combination thereof. If implemented in software, the functions may be stored on or encoded as one or more instructions or code on a computer-readable medium.
  • Computer-readable media includes computer storage media. Storage media may be any available media that can be accessed by a computer.
  • such computer-readable media can comprise a random-access memory (RAM), a read-only memory (ROM), an electrically erasable programmable ROM (EEPROM), optical disk storage, magnetic disk storage, other magnetic storage devices, combinations of the aforementioned types of computer-readable media, or any other medium that can be used to store computer executable code in the form of instructions or data structures that can be accessed by a computer.
  • RAM random-access memory
  • ROM read-only memory
  • EEPROM electrically erasable programmable ROM
  • optical disk storage magnetic disk storage
  • magnetic disk storage other magnetic storage devices
  • combinations of the aforementioned types of computer-readable media or any other medium that can be used to store computer executable code in the form of instructions or data structures that can be accessed by a computer.
  • FIG. 1 illustrates an example WPAN 100 in accordance with certain aspects of the disclosure.
  • a central device 102 may connect to and establish a BLE communication link 116 with one or more peripheral devices 104, 106, 108, 110, 112, 114 using a BLE protocol or a modified BLE protocol.
  • the BLE protocol is part of the BT core specification and enables radio frequency communication operating within the globally accepted 2.4 GHz Industrial, Scientific & Medical (ISM) band.
  • ISM Industrial, Scientific & Medical
  • the central device 102 may include suitable logic, circuitry, interfaces, processors, and/or code that may be used to communicate with one or more peripheral devices 104, 106, 108, 110, 112, 114 using the BLE protocol or the modified BLE protocol as described below in connection with any of FIGs. 2-13.
  • the central device 102 may operate as an initiator to request establishment of a link layer (LL) connection with an intended peripheral device 104, 106, 108, 110, 112, 114.
  • LL link layer
  • a LL in the BLE protocol stack and/or modified BLE protocol stack (e.g., see FIG.
  • the central device 102 may become a master device and the intended peripheral device 104, 106, 108, 110, 112, 114 may become a slave device for the established LL connection.
  • the central device 102 may be capable of supporting multiple LL connections at a time with various peripheral devices 104, 106, 108, 110, 112, 114 (slave devices).
  • the central device 102 may be operable to manage various aspects of data packet communication in a LL connection with an associated peripheral device 104, 106, 108, 110, 112, 114 (slave device). For example, the central device 102 may be operable to determine an operation schedule in the LL connection with a peripheral device 104, 106, 108, 110, 112, 114. The central device 102 may be operable to initiate a LL protocol data unit (PDU) exchange sequence over the LL connection. LL connections may be configured to run periodic connection events in dedicated data channels. The exchange of LL data PDU transmissions between the central device 102 and one or more of the peripheral devices 104, 106, 108, 110, 112, 114 may take place within connection events.
  • PDU protocol data unit
  • the central device 102 may be configured to transmit the first LL data PDU in each connection event to an intended peripheral device 104, 106, 108, 110, 112, 114.
  • the central device 102 may utilize a polling scheme to poll the intended peripheral device 104, 106, 108, 110, 112, 114 for a LL data PDU transmission during a connection event.
  • the intended peripheral device 104, 106, 108, 110, 112, 114 may transmit a LL data PDU upon receipt of packet LL data PDU from the central device 102.
  • a peripheral device 104, 106, 108, 110, 112, 114 may transmit a LL data PDU to the central device 102 without first receiving a LL data PDU from the central device 102.
  • Examples of the central device 102 may include a cellular phone, a smart phone, a session initiation protocol (SIP) phone, a mobile station (STA), a laptop, a personal computer (PC), a desktop computer, a personal digital assistant (PDA), a satellite radio, a global positioning system, a multimedia device, a video device, a digital audio player (e.g., MP3 player), a camera, a game console, a tablet, a smart device, a wearable device (e.g., smart watch, wireless headphones, etc.), a vehicle, an electric meter, a gas pump, a toaster, a thermostat, a hearing aid, a blood glucose on-body unit, an Intemet-of-Things (IoT) device, or any other similarly functioning device.
  • SIP session initiation protocol
  • STA mobile station
  • PC personal computer
  • PDA personal digital assistant
  • satellite radio a global positioning system
  • a multimedia device e.g., a video device,
  • Examples of the one or more peripheral devices 104, 106, 108, 110, 112, 114 may include a cellular phone, a smart phone, a SIP phone, a STA, a laptop, a PC, a desktop computer, a PDA, a satellite radio, a global positioning system, a multimedia device, a video device, a digital audio player (e.g., MP3 player), a camera, a game console, a tablet, a smart device, a wearable device (e.g., smart watch, wireless headphones, etc.), a vehicle, an electric meter, a gas pump, a toaster, a thermostat, a hearing aid, a blood glucose on-body unit, an IoT device, or any other similarly functioning device.
  • a cellular phone a smart phone, a SIP phone, a STA, a laptop, a PC, a desktop computer, a PDA, a satellite radio, a global positioning system, a multimedia device, a video device, a
  • central device 102 is illustrated in communication with six peripheral devices 104, 106, 108, 110, 112, 114 in the WPAN 100, the central device 102 may communicate with more or fewer than six peripheral devices within the WPAN 100 without departing from the scope of the present disclosure.
  • the central device 102 and/or a peripheral device may be configured to perform a soft combine operation after the decryption of data packets if the transmission and the re transmission of data packets are encrypted using different nonces (120), e.g., as described below in connection with any of FIGs. 2-13.
  • FIG. 2 is block diagram of a wireless device 200 in accordance with certain aspects of the disclosure.
  • the wireless device 200 may correspond to, e.g., the central device 102, and/or one of peripheral devices 104, 106, 108, 110, 112, 114 described above in connection with FIG. 1.
  • the wireless device 200 may be a BFE enabled device.
  • the disclosure is not intended to be limited to the wireless device 200 being a BFE enabled device.
  • the wireless device 200 may be a BT Classic enabled device, an 802.15.4 Zigbee enabled or any wireless device configured to communicate via short-range communication protocols.
  • the wireless device 200 may include a processing element, such as processor(s) 202, which may execute program instructions for the wireless device 200.
  • the wireless device 200 may also include display circuitry 204 which may perform graphics processing and provide display signals to the display 242.
  • the processor(s) 202 may also be coupled to memory management unit (MMU) 240, which may be configured to receive addresses from the processor(s) 202 and translate the addresses to address locations in memory (e.g., memory 206, ROM 208, Flash memory 210) and/or to address locations in other circuits or devices, such as the display circuitry 204, radio 230, connector interface 220, and/or display 242.
  • the MMU 240 may be configured to perform memory protection and page table translation or set up. In some embodiments, the MMU 240 may be included as a portion of the processor(s) 202.
  • the processor(s) 202 may be coupled to various other circuits of the wireless device 200.
  • the wireless device 200 may include various types of memory, a connector interface 220 (e.g., for coupling to the computer system), the display 242, and wireless communication circuitry (e.g., for Wi-Fi, BT, BLE, cellular, etc.).
  • the wireless device 200 may include a plurality of antennas 235a, 235b, 235c, 235d, for performing wireless communication with other BLE devices.
  • the wireless device 200 may include hardware and software components (a processing element) configured to perform a soft combine operation after the decryption of data packets if the transmission and the re-transmission of data packets are encrypted using different nonces, e.g., using the techniques described below in connection with any FIGs. 3-13.
  • the wireless device 200 may also comprise BLE firmware or other hardware / software for controlling BLE operations.
  • the wireless device 200 may store and execute a wireless local area network (WLAN) software driver for controlling WLAN operations.
  • WLAN wireless local area network
  • the wireless device 200 may be configured to implement part or all of the techniques described below in connection with any of FIGs. 3-13, e.g., by executing program instructions stored on a memory medium (e.g., a non-transitory computer-readable memory medium) and/or through hardware or firmware operation.
  • a memory medium e.g., a non-transitory computer-readable memory medium
  • the techniques described below in connection with any of FIGs. 3-13 may be at least partially implemented by a programmable hardware element, such as a field programmable gate array (FPGA), and/or an application specific integrated circuit (ASIC).
  • FPGA field programmable gate array
  • ASIC application specific integrated circuit
  • radio 230 may include separate controllers configured to control communications for various respective radio access technology (RAT) protocols.
  • radio 230 may include a WLAN controller 250 configured to control WLAN communications and a short-range communications controller 252 configured to control short-range communications (e.g., BLE communications).
  • a coexistence interface 254 e.g., a wired interface may be used for sending information between the WLAN controller 250 and the short-range communication controller 252.
  • one or more of the WLAN controller 250 and/or the short-range communications controller 252 may be implemented as hardware, software, firmware or some combination thereof.
  • the WLAN controller 250 may be configured to communicate with a second device using a WLAN link using all of the antennas 235a, 235b, 235c, 235d.
  • the short-range communication controller 252 may be configured to implement a BLE protocol stack (see LIG. 3), and communicate with at least one second device using one or more of the antennas 235a, 235b, 235c, 235d.
  • the short-range communication controller 252 may be configured to perform a soft combine operation after the decryption of data packets if the transmission and the re transmission of data packets are encrypted using different nonces.
  • LIG. 3 illustrates a BLE protocol stack 300 that may be implemented in a BLE device in accordance with certain aspects of the present disclosure.
  • the BLE protocol stack 300 may be implemented by, e.g., one or more of processor(s) 202, memory 206, Llash memory 210, ROM 208, the radio 230, and/or the short-range communication controller 252 illustrated in LIG. 2.
  • the BLE protocol stack 300 may be organized into three blocks, namely, the Application block 302, the Host block 304, and the Controller block 306.
  • Application block 302 may be a user application which interfaces with the other blocks and/or layers of the BLE protocol stack 300.
  • the Host block 304 may include the upper layers of the BLE protocol stack 300
  • the Controller block 306 may include the lower layers of the modified BLE protocol stack 300.
  • the Host block 304 may communicate with a BLE controller (e.g., short-range communication controller 252 in LIG. 2) in a wireless device using a Host Controller Interface (HCI) (not shown in LIG. 3).
  • the HCI may also be used to interface the Controller block 306 with the Host block 304.
  • Interfacing the Controller block 306 and the Host block 304 may enable a wide range of Hosts to interface with the Controller block 306.
  • the Application block 302 may include a higher-level Application Layer (App) 308, and the BLE protocol stack 300 may run under the App 308.
  • App Application Layer
  • the Host block 304 may include a Generic Access Profile (GAP) 310, a Generic Attribute Protocol (GATT) 312, a Security Manager (SM) 314, an Attribute Protocol (ATT) 316, and a Logical Link Control and Adaptation Protocol (L2CAP) 318.
  • GAP Generic Access Profile
  • GATT Generic Attribute Protocol
  • SM Security Manager
  • ATT Attribute Protocol
  • L2CAP Logical Link Control and Adaptation Protocol
  • the Controller block 306 may include a LL 320 and a Physical Layer (PHY) 322.
  • the PHY 322 may define the mechanism for transmitting a bit stream over a physical link that connects BLE devices.
  • the bit stream may be grouped into code words or symbols, and converted to a PDU that is transmitted over a transmission medium.
  • the PHY 322 may provide an electrical, mechanical, and procedural interface to the transmission medium.
  • the shapes and properties of the electrical connectors, the frequency band used for transmission, the modulation scheme, and similar low-level parameters may be specified by the PHY 322.
  • the LL 320 may be responsible for low level communication over the PHY 322.
  • the LL 320 may manage the sequence and timing for transmitting and receiving data packets, and using a LL protocol, communicates with other devices regarding connection parameters and data flow control.
  • the LL 320 may provide gate keeping functionality to limit exposure and data exchange with other devices. If filtering is configured, the LL 320 may maintain a list of allowed devices and ignore all requests for data exchange from devices not on the list. The LL 320 may also reduce power consumption.
  • the LL 320 may use the HCI (not shown in FIG. 3) to communicate with upper layers of the BLE protocol stack 300.
  • the LL 320 may include a third party’s proprietary LL that may be used to discover peer devices (e.g., other devices associated with the third party), and establish a secure communication channel therewith.
  • the LL 320 may be responsible for transporting data packets between devices in a WPAN.
  • Each data packet may include a logical transport address LT_ADDR in a header field, which specifies the type of logical transport used to carry the data packet.
  • Logical transports may exist between a master device and slave devices. Additionally, some logical transports may carry multiple logical links.
  • ACL logical transport One type of logical transport is an ACL logical transport.
  • the ACL logical transport may be used to carry data packets such as the data packet described below with reference to FIG. 4.
  • Each device may receive a default ACL logical transport when the device joins the WPAN.
  • Each ACL logical transport may carry one or more ACL communication links, which are distinguished by a Logical Link ID (LLID) field of the header. Retransmitted data packets carried via an ACL communication link may be received automatically if unacknowledged by the receiver device, allowing for correction of a radio link that is subject to interference.
  • LLID Logical Link ID
  • the ACL logical transport may permit communication of data for time-sensitive or time-bounded applications, such as streaming services, voice applications including Voice over Internet Protocol (VoIP) and more standard, cellular telephone calls bailing error correction, an erroneous data packet carried via an ACL communication link may be replaced with a special communication packet that in effect defines silence or packet loss concealment when the traditional BLE protocol is implemented.
  • VoIP Voice over Internet Protocol
  • the special silence communication packet and/or packet loss concealment may reduce the communication quality experienced over ACL communication links because portions of the communications may be omitted (e.g., voice breaks during a voice call).
  • the L2CAP 318 may encapsulate multiple protocols from the upper layers into a data packet format (and vice versa).
  • the L2CAP 318 may also break packets with a large data payload from the upper layers into multiple packets with the data payload segmented into smaller size data payloads that fit into a maximum payload size (e.g., 27 bytes) on the transmit side.
  • the L2CAP 318 may receive multiple data packets carrying a data payload that has been segmented, and the L2CAP 318 may combine the segmented data payload into a single data packet carrying the data payload that may be sent to the upper layers.
  • the ATT 316 may be a client / server protocol based on attributes associated with a
  • BLE device configured for a particular purpose (e.g., monitoring heart rate, monitoring temperature, broadcasting advertisements, etc.).
  • the attributes may be discovered, read, and written by peer devices.
  • the set of operations which are executed over ATT 316 may include, but are not limited to, error handling, server configuration, find information, read operations, write operations, queued writes, etc.
  • the ATT 316 may form the basis of data exchange between BLE devices.
  • the SM 314 may be responsible for device pairing and key distribution.
  • a security manager protocol implemented by the SM 314 may define how communications with the SM of a counterpart BLE deice are performed.
  • the SM 314 may provide additional cryptographic functions that may be used by other components of the BLE protocol stack 300.
  • the architecture of the SM 314 used in BLE may be designed to minimize recourse requirements for peripheral devices by shifting work to an assumingly more powerful central device.
  • BLE uses a pairing mechanism for key distribution.
  • the SM 314 provides a mechanism to not only encrypt the data but also to provide data authentication.
  • the GATT 312 describes a service framework using the attribute protocol for discovering services, and for reading and writing characteristic values on a peer device.
  • the GATT 312 interfaces with the App 308 through the App’s profile.
  • the App 308 profile defines the collection of attributes and any permission needed for the attributes to be used in BLE communications.
  • the GAP 310 may provide an interface for the App 308 to initiate, establish, and manage connection with counterpart BLE devices.
  • BLE provides for a method to transmit, and retransmit, a message until the receiving device decodes the message error free.
  • Validation of a correctly received packet may be done through the use of CRC and/or Message Integrity Check (MIC).
  • CRC Message Integrity Check
  • MIC Message Integrity Check
  • the CRC is calculated on the encrypted packet.
  • the transmit side when the CRC is generated and transmitted, the CRC is based on the encrypted data.
  • the encrypted data is analyzed by the receiver.
  • Incorrectly received packets may cause the packet to be retransmitted in response to a request for a new message (e.g., NACK) sent to the transmitting device by the receiving device.
  • the transmitted packet and retransmitted packets may be soft combined until the receiving device can decode the message error free.
  • the same packet is encrypted using different cipher streams during the transmission and retransmission, then the retransmitted packet will not appear the same as the originally transmitted packet despite having the same payload.
  • extended synchronous connection oriented (eSCO) packets are used for audio, and the eSCO packet transmission and each retransmission are each encrypted using a different nonce (e.g., counter).
  • the cipher stream which encrypts the eSCO packet is also different.
  • Soft combining is the process of combining received bits during different receptions in order to guess the correct bit. Soft combining eSCO packets will not work if the soft combining is performed before decryption because different nonces are used to encrypt the packet. If eSCO packets are soft combined after the packets are decrypted, then CRC validation cannot be performed directly on the corrected soft combined data because the CRC is calculated on the encrypted data.
  • the present disclosure provides an error correction technique to validate the combination of transmitted and retransmitted decrypted data packets that have been encrypted using different nonces and/or cipher streams.
  • the error correction technique may be configured to validate the CRC (based on the encrypted data) against a CRC calculated on the data that has been decrypted and soft combined to generate the reconstructed data, but without re-encrypting the soft combined reconstructed data.
  • FIG. 4 illustrates a block diagram 400 illustrating a soft combining operation in accordance with certain aspects of the present disclosure.
  • FIG. 5 is a block diagram 500 illustrating a header adjustment in accordance with certain aspects of the disclosure.
  • the soft combining operation may occur in communications between a first device and second device in a WPAN in accordance with certain aspects of the disclosure.
  • the first device may correspond to, e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 902/902', or the mesh node 950.
  • the second device may correspond to, e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 902/902', or the mesh node 950.
  • the first device may transmit encrypted data 402 to the second device (e.g., receiving device).
  • the encrypted data 402 may include a first PDU and a first CRC that was calculated based on the encrypted first PDU.
  • the first PDU may be encrypted based on a first nonce.
  • the second device receives the encrypted data 402 provides the encrypted data 402 to the decryption block 404.
  • the decryption block 404 decrypts the encrypted data 402 and outputs decrypted data 406 (e.g., first payload) and a cipher stream 408.
  • the decryption block 404 is configured to generate the cipher stream 408 that was used to encrypt the encrypted data 402.
  • the cipher stream 408 may also be used to decrypt the data.
  • the decryption block 404 outputs the decrypted data 406 to the real time soft combining (RTSC) block 410.
  • the decrypted data 406 may be soft combined with a decrypted set of payloads at the RTSC block 410.
  • the decrypted set of payloads may be encrypted based on at least one nonce that is different than the first nonce used to encrypt the first PDU.
  • the decrypted set of payloads may be encrypted based on a nonce that is the same as the first nonce.
  • the decrypted set of payloads may be previously received data packets that may be stored within the RTSC block 410 or may be stored in a memory that is external to the RTSC block 410.
  • the receiving device may receive a set of PDUs, prior to receiving the encrypted data 402, and may attempt to decrypt each PDU in the set of PDUs after the PDU is received to obtain a corresponding decrypted payload of the decrypted set of payloads.
  • the receiving device may be configured to transmit a negative acknowledgement (NACK) in the event that the receiving device fails to properly validate a received CRC, based on the encrypted data, against a calculated CRC, based on the soft combined data.
  • NACK negative acknowledgement
  • the transmission of the NACK from the receiving device to the transmitting device may indicate that the PDU was improperly received.
  • the transmitting device sends another PDU to the receiving device.
  • the retransmitted PDU may be the first PDU from the encrypted data 402.
  • the RTSC block 410 may be configured to soft combine the decrypted data 406 with previously received data in an effort to correct previous corrupt reception or improper reception of the same packet.
  • the RTSC block 410 cannot operate on encrypted data because the encryption (e.g., nonce) changes from packet to packet, whereas decrypting the encrypted data 402 allows the RTSC block 410 to generate soft combined decrypted data 412 to reconstruct the data.
  • BLE specifications require the CRC to be calculated on the encrypted data, not the decrypted data.
  • the reconstructed data (e.g., soft combined decrypted data 412) generated by the RTSC block 410 is a combination of decrypted data, and a CRC calculated based on the decrypted data, alone, does not allow the first CRC based on the encrypted data to be validated.
  • the first CRC based on the encrypted data needs to be validated to determine whether the soft combined decrypted data 412 has been properly received.
  • the receiving device may send an acknowledgement (ACK) to the transmitting device.
  • the ACK provides an indication to the transmitting device that the receiving device has properly received the PDU.
  • the RTSC block 410 outputs the soft combined decrypted data 412 to CRC generator
  • the CRC generator 414 is configured to generate a CRC based on the soft combined decrypted data 412. Although the CRC generated by the CRC generator 414 is a CRC based on decrypted data, this CRC may be utilized to calculate a CRC generated by the receiving device based on the reconstructed data without re encrypting the reconstructed data. The CRC, generated by the CRC generator 414, based on the decrypted data may be further processed in order for the CRC to mimic as if it was generated based on encrypted data.
  • the decryption block 404 While the decryption block 404 is decrypting the encrypted data 402, the decryption block 404, in parallel, will output the cipher stream 408.
  • the cipher stream 408 is outputted to the CRC generator 416, and may be configured to generate a CRC of only the cipher stream 408.
  • the CRC of the cipher stream 408, generated by the CRC generator 416 may be used in conjunction with the CRC of the soft combined decrypted data 412, generated by the CRC generator 414, to generate a calculated CRC 420 which may then be used to validate the received CRC based on encrypted data (e.g., first CRC).
  • the calculated CRC 420 may be based on the soft combined decrypted data 412 and based on the first cipher stream 408.
  • the disclosure takes advantage of the linear properties of CRC polynomials to further process the CRC generated by the CRC generator 414, based on the soft combined decrypted data, and to further process the CRC generated by the CRC generator 416, based on the cipher stream, to validate the CRC based on encrypted data. For example:
  • BLE unencrypted data is encrypted by using the cipher stream. For example,
  • the cipher stream may also be used to decrypt encrypted data. For example, XORing the encrypted data with the same cipher stream will result in the decrypted data.
  • x ® y z
  • A is unencrypted data
  • y is a cipher stream
  • z is encrypted data
  • the unencrypted data A is encrypted by the cipher stream y by XORing the cipher stream and the unencrypted data, and results in encrypted data z.
  • the cipher stream may be used to encrypt and decrypt data, in instances where the same cipher stream is used to perform both.
  • a CRC may be initialized with a seed, and both the transmitting device and the receiving device need to know the initial seed in order for the CRC (e.g., calculated CRC 420) to be correct.
  • the seed needs to be applied to one of the CRCs that is being generated by CRC generators 414, 416 in order for the calculated CRC 420 to be correct.
  • the header also needs to be adjusted in order for the calculated CRC 420 to be correct when the CRC based on the soft combined decrypted data 412 is XORed with the CRC based on the cipher stream 408.
  • a payload header 502 may be appended to the soft combined decrypted data 412 prior to the CRC generator 414 generating the CRC based on the soft combined decrypted data 412.
  • the cipher stream 408 may be zero padded 504 prior to the CRC generator 416 generating the CRC based on the cipher stream 408.
  • the payload header 502 may be appended to the soft combined decrypted data 412, and the first cipher stream 408 may be zero padded 504 prior to the calculated CRC 420 being generated. For example, as shown in FIG.
  • the decrypted data 406 is soft combined to reconstruct the correct data as it goes through the RTSC block 410, but the header does not run through the RTSC block 410. Instead, the header is provided to the payload header 502 after the data is decrypted by the decryption block 404. As the header portion is being processed by the decryption block 404, a cipher stream portion corresponding to the header portion is not generated by the decryption block 404 since the header is not encrypted. The header is provided to the payload header 502, and is provided to the CRC generator 414 prior to the soft combined decrypted data 412.
  • the cipher stream 408 is not provided to the CRC generator 416. Instead, a zero padding stream 504 is provided to the CRC generator 416 that may be configured to correspond with the payload header 502 provided to the CRC generator 414.
  • a first switch may be toggled to form a connection with the output of the RTSC Block 410 and allow the soft combined decrypted data 412 to be fed into the CRC generator 414.
  • a second switch may then be toggled to form a connection with an output of the decryption block 404 corresponding to the cipher stream 408, to allow the cipher stream 408 to be fed into the CRC generator 416.
  • the length of the zero padding stream 504 may be equal to the length of the payload header 502.
  • the length of the zero padding stream 504 may be equal to the length of the payload header 502 to ensure that when the generated CRC based on the soft combined decrypted data 412 is XORed with the generated CRC based on the cipher stream 408, the payload header 502 is XORed with the zero padding stream 504. Performing an XOR of the payload header 502 with the zero padding stream 504 will yield the payload header 502, and essentially mimics the header being encrypted with a cipher stream of all zeros.
  • At least one advantage of the disclosure is that the linear properties of CRC allows the header to be appended to either the soft combined decrypted data 412 or the cipher stream 408.
  • the header may be appended to the cipher stream 408 instead of the soft combined decrypted data 412.
  • the header is provided to the CRC generator 416 prior to the cipher stream 408, and the zero padding stream is provided to the CRC generator 414 prior to the soft combined decrypted data 412.
  • the cipher stream 408 may be fed into the CRC generator 416.
  • the soft combined decrypted data 412 may be fed into the CRC generator 414. Prefixing the soft combined decrypted data 412 with the header before being fed into the CRC generator 414, and similarly prefixing the cipher stream 408 with the zero padding stream for the length equal to the header length provides the header adjustment to ensure that the calculated CRC 420 can be properly validated against the received CRC.
  • the CRC generator 414 outputs the generated CRC based on soft combined decrypted data 412 into the XOR block 418
  • the CRC generator 416 outputs the generated CRC based on the cipher stream 408 into the XOR block 418.
  • the result of the XOR between these two generated CRCs results in the calculated CRC 420.
  • the XOR between the CRC of the soft combined decrypted data 412 and the CRC of the cipher stream 408 produces the CRC of the encrypted data, as discussed above.
  • the CRC of the encrypted data is the result of the CRC of the decrypted data XOR with the CRC of the cipher stream, where the CRC of the decrypted data is calculated based on decrypted data (e.g., soft combined decrypted data 412) which may be corrected decrypted data.
  • decrypted data e.g., soft combined decrypted data 412
  • XORing the CRC of the decrypted data and the CRC of the cipher stream may be configured to validate the calculated CRC 420 with the CRC of the encrypted data 402.
  • the calculated CRC 420 is outputted to CRC check box 422, where the calculated
  • CRC 420 is compared against the received encrypted CRC (e.g., first CRC) to determine if the calculated CRC 420 passes a CRC check against the encrypted CRC. If the calculated CRC 420 passes a CRC check against the encrypted CRC (e.g., both being the same), then the encrypted data has been successfully combined such that the receiving device sends an ACK to the transmitting device. However, if the calculated CRC 420 is not the same as the encrypted CRC, then the encrypted data has not been successfully combined, and the receiving device may send a NACK to the transmitting device.
  • the received encrypted CRC e.g., first CRC
  • At least one advantage of the disclosure is that the CRC of the soft combined decrypted data 412 may be utilized to validate the calculated CRC 420 without having to re-encrypt the data, which can enhance efficiency and reduce processing resources.
  • At least another advantage of the disclosure is that if the encrypted data is not successfully combined and causes a NACK to be sent to the transmitting device, and another data packet being sent to the receiving device, the non-successfully combined data can be utilized by the RTSC block 410 to assist in generating the soft combined decrypted data 412.
  • the decrypted data 406 may be soft combined with the decrypted set of payloads at the RTSC block 410.
  • the decrypted set of payloads may be encrypted based on at least one nonce that is different than the first nonce used to encrypt the first PDU. However, in some aspects, the decrypted set of payloads may be encrypted based on a nonce that is the same as the first nonce. While in some aspects, the decrypted set of payloads may be previously received data packets.
  • FIG. 6 illustrates a block diagram 600 illustrating an aspect of a soft combining operation in accordance with certain aspects of the present disclosure.
  • the aspect of FIG. 6 leverages the Advanced Encryption Standard (AES) encryption property that if some bits of an encrypted packet got flipped due to over-the-air corruption and if the corrupted packet is decrypted with the correct cipher stream, then the decrypted packet will have the same erroneous bits as the corrupted encrypted packet.
  • AES Advanced Encryption Standard
  • the soft combing operation of FIG. 6 may occur in communications between a first device and a second device in a WPAN in accordance with certain aspects of the disclosure.
  • the first device may correspond to, e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 902/902', or the mesh node 950.
  • the second device may correspond to, e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 902/902', or the mesh node 950.
  • the first device may transmit encrypted data 602 to the second device (e.g., receiving device).
  • the encrypted data 602 may be similar to encrypted data 402 of FIG. 4.
  • the encrypted data 602 may include a first PDU and a first CRC that was calculated based on the encrypted first PDU.
  • the first PDU may be encrypted based on a first nonce.
  • the second device receives the encrypted data 602 and the encrypted data 602 is provided to the decryption block 604.
  • the decryption block 604 may be configured in a manner similar to the decryption block 404 of FIG. 4.
  • the decryption block 604 decrypts the encrypted data 602 (e.g., first PDU) and outputs decrypted data 606 (e.g., first payload). [0087]
  • the decryption block 604 outputs the decrypted data 606 to a RTSC block 608.
  • the decryption block 604 may be configured to provide the decrypted data 606 to the RTSC block 608 in a packet of 128 bits.
  • the RTSC block 608 may be configured in a manner similar to the RTSC block 410.
  • the decrypted data 606 may be soft combined with a decrypted set of payloads at the RSTC block 608.
  • the set of payloads have been encrypted based on at least one nonce that is different than the first nonce. However, in some aspects, the set of payload may be encrypted based on a nonce that is the same as the first nonce.
  • the decrypted set of payloads may be previously received data packets that may be stored within the RTSC block 608 or may be stored in a memory that is external to the RTSC block 608. For example, the receiving device may receive a set of PDUs, prior to receiving the encrypted data 602, and may attempt to decrypt each PDU in the set of PDUs after the PDU is received to obtain a corresponding decrypted payload of the decrypted set of payloads.
  • the receiving device may be configured to transmit a NACK in the event that the receiving device fails to properly validate a received CRC, based on the encrypted data, against a calculated CRC, based on the soft combined data.
  • the transmission of the NACK from the receiving device to the transmitting device may indicate that the PDU was improperly received.
  • the transmitting device sends another PDU to the receiving device.
  • the retransmitted PDU may be the first PDU from the encrypted data 602.
  • the RTSC block 608 may be configured to soft combine the decrypted data 606 with the decrypted set of payload in order to reconstruct the data and generate an error bitmap 610.
  • additional information may be soft combined with the decrypted data 606, such as but not limited to, previous corrupted receptions of the same packet and/or soft bit information from modem.
  • the RTSC block 608 will output the reconstructed decrypted data along with the error bitmap 610 which may be a list of the bits which were erroneous e.g., bits that got flipped due to over-the-air corruption.
  • the reconstructed data and/or the erroneous bitmap may be 128 bits long.
  • the error bitmap may be arranged to track which bits may have flipped or are erroneous when the RTSC block 608 is soft combining the decrypted data 606.
  • the RSTC block 608 outputs the error bitmap 610 to the XOR block 612.
  • the XOR block 612 also receives an input of the encrypted data 602.
  • the XOR block 612 XORs the encrypted data 602 (e.g., first PDU) with the generated error bitmap 610 to obtain a soft combined encrypted data 614.
  • a CRC is generated based on the soft combined encrypted data 614 and is then submitted to Check CRC box 616.
  • the Check CRC box 616 determines whether the CRC generated based on the soft combined encrypted data 614 passes a CRC check against the first CRC of the encrypted data 602. If the CRCs match then the data after the soft combining is valid, and the receiving device sends an ACK to the transmitting device, indicating that the packet has been properly received. However, if the CRC based on the soft combined encrypted data 614 does not pass the CRC check at Check CRC box 616, then the soft combined encrypted data 614 has not been successfully combined, and the receiving device may send a NACK to the transmitting device.
  • At least one advantage of the disclosure is that the aspect of FIG. 6 generates a CRC based on the soft combined encrypted data 614, which is consistent with the BLE requirements. Yet another advantage of the disclosure is that the aspect of FIG. 6 yields the same results as the aspect of FIG. 4, because it is mathematically equivalent to the aspect of FIG. 4.
  • FIG. 7 illustrates a block diagram 700 illustrating an aspect of a message integrity check (MIC) calculation operation in accordance with certain aspects of the present disclosure.
  • a MIC includes information that may be used to authenticate a data packet.
  • the MIC may be used by the receiving device to confirm that the received data came from a stated transmitting device (e.g., data packet authenticity), and to confirm that a payload has not been changed (e.g., data packet integrity).
  • the MIC protects both payload integrity and the authenticity of the data packet by enabling a receiving device to detect any changes to the payload.
  • the block diagram 700 is similar, in part, to the block diagram 400 of FIG. 4, and has many similar components that operate in a manner similar to the corresponding components of FIG.
  • the block diagram 700 may be configured to calculate the MIC based on the decrypted data and is validated against the received MIC included in the encrypted data 702.
  • a discussion of the similar components of block diagrams 400 and 700 is not included herein in an effort to reduce duplicative work. The discussion of FIG. 7 will be directed towards the additional components and/or features that are not present in the diagram 400 of FIG. 4.
  • the transmitting device transmits the encrypted data 702 to the receiving device.
  • the encrypted data 702 is provided to the decryption block 704.
  • the decryption block 704 may be configured to generate the decrypted data 710 from the encrypted data 702.
  • the decryption block 704 may comprise an AES decryption block 706 that generates the decrypted data 710 from the encrypted data 702.
  • the AES decryption block 706 receives the encrypted data 702 and generates the decrypted data 710, which is outputted from the decryption block 704 into the RTSC block 714.
  • the disclosure is not intended to be limited to a decryption block comprising the AES decryption block.
  • the decryption block 704 may be comprised of many different known encryption/decryption blocks.
  • the RTSC block 714 may be configured in a manner similar to the RTSC block 410 of FIG. 4.
  • the RTSC block 714 receives the decrypted data 710 and may be soft combined with a decrypted set of payloads at the RTSC block 714, in a manner similar to the RTSC block 410.
  • the decrypted set of payloads may be encrypted based on at least one nonce that is different than the first nonce used to encrypt the first PDU. However, in some aspects, the set of payload may be encrypted based on a nonce that is the same as the first nonce.
  • the decrypted set of payloads may be previously received data packets that may be stored within the RTSC block 714 or may be stored in a memory that is external to the RTSC block 714.
  • the receiving device may receive a set of PDUs, prior to receiving the encrypted data 702, and may attempt to decrypt each PDU in the set of PDUs after the PDU is received to obtain a corresponding decrypted payload of the decrypted set of payloads.
  • the RTSC block 714 may be configured to soft combine the decrypted data 710 with previously received data in an effort to correct previous corrupt reception or improper reception of the same packet, similarly as discussed above for RTSC block 410.
  • the RTSC block 714 generates reconstructed data (e.g., soft combined decrypted data 716) and output the soft combined decrypted data 716 to the CRC generator 718, also in a manner similar to the RTSC block 410. However, the RTSC block 714 further outputs the soft combined decrypted data 716 back to the decryption block 704 to calculate the MIC.
  • the decryption block 704 may further comprise an AES MIC calculation block 708 for MIC calculation.
  • the AES MIC calculation block 708 generates a calculated MIC 728 based on the corrected data (e.g., soft combined decrypted data 716).
  • the disclosure is not intended to be limited to a MIC calculation block comprising the AES MIC calculation block 708.
  • the MIC calculation block may be comprised of many different known MIC calculation blocks.
  • the calculated MIC 728 is checked against the received MIC from within the encrypted data 702. If the calculated MIC 728 is the same as the received MIC from the encrypted data 702, then the soft combined decrypted data 716 is validated as being correct, such that the contents of the packet have not changed in the transmission from the transmitting device to the receiving device.
  • the calculated MIC 728 is not the same as the received MIC, then the soft combined decrypted data 716 may not be properly corrected by the RTSC block 714 and the calculated MIC 728 fails. In some aspects, if the calculated MIC fails, then something may have occurred with the link between the transmitting device and the receiving device resulting in one or more bits getting flipped.
  • the calculated MIC 728 may be configured to be validated in instances when the calculated CRC passes the CRC check against the CRC received from the transmitting device. Validating the calculated MIC 728 when the calculated CRC passes the CRC check ensures that the calculated MIC 728 is calculated based on corrected data (e.g., soft combined decrypted data) generated by the RTSC block. Thus, validating the calculated MIC 728 occurs after the calculated CRC has been validated.
  • corrected data e.g., soft combined decrypted data
  • FIG. 8 illustrates a block diagram 800 illustrating an aspect of a MIC calculation operation in accordance with certain aspects of the present disclosure.
  • the block diagram 800 is similar, in part, to the block diagram 600 of FIG. 6, and has many similar components that operate in a manner similar to the corresponding components of FIG. 6, such as but not limited to an RTSC block that generates an error bitmap, an XOR block that XORs encrypted data and the error bitmap to generate a calculated CRC.
  • the block diagram 800 may be configured to calculate the MIC based on the decrypted data, similarly as the diagram 700 of FIG. 7, and is validated against the received MIC included in the encrypted data 802.
  • the transmitting device transmits the encrypted data 802 to the receiving device.
  • the encrypted data 802 is provided to the decryption block 804.
  • the decryption block 804 may be configured to generate the decrypted data 810 from the encrypted data 802.
  • the decryption block 804 comprises an AES decryption block 806 that generates the decrypted data 810 from the encrypted data 802.
  • the AES decryption block 806 receives the encrypted data 802 and generates the decrypted data 810, which is outputted from the decryption block 804 into the RTSC block 812.
  • the disclosure is not intended to be limited to a decryption block comprising the AES decryption block.
  • the decryption block 804 may be comprised of many different known encryption/decryption blocks.
  • the RTSC block 812 may be configured in a manner similar to the RTSC block 608 of FIG. 6.
  • the RTSC block 812 receives the decrypted data 810 and generates an error bitmap 814 that is provided to the XOR block 818 which generates a calculated CRC 820 based on the XOR of the error bitmap 814 and the encrypted data 802.
  • the RSTC block 812 may be further configured to generate a soft combined decrypted data stream 816 that is fed back into the decryption block 804 to calculate the MIC.
  • the decryption block 804 may further comprise an AES MIC calculation block 808 for MIC calculation.
  • the AES MIC calculation block 808 generates a calculated MIC 824 based on the corrected data (e.g., soft combined decrypted data 816).
  • the disclosure is not intended to be limited to a MIC calculation block comprising the AES MIC calculation block 808.
  • the MIC calculation block may be comprised of many different known MIC calculation blocks.
  • the calculated MIC 824 is checked against the received MIC from within the encrypted data 802.
  • the calculated MIC 824 is the same as the received MIC from the encrypted data 802, then the soft combined decrypted data 816 is validated as being correct, such that the contents of the packet have not changed in the transmission from the transmitting device to the receiving device. However, if the calculated MIC 824 is not the same as the received MIC, then the soft combined decrypted data 816 may not be properly corrected by the RTSC block 812 and the calculated MIC 824 fails. As in the diagram 700 of FIG. 7, the calculated MIC 824 may be configured to be validated in instances when the calculated CRC passes the CRC check against the CRC received from the transmitting device.
  • Validating the calculated MIC 824 when the calculated CRC passes the CRC check assists in ensuring that the calculated MIC 824 is calculated based on the corrected data (e.g., soft combined decrypted data 816) generated by the RTSC block. As such, validation of the calculated MIC 824 occurs after the calculated CRC has been first validated.
  • FIG. 9 is a flowchart 900 of a method of wireless communication.
  • the method may be performed by a first device (e.g., the central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 1002/1002') in communication with a second device (e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200).
  • a first device e.g., the central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200
  • FIG. 9 optional operations are indicated with dashed lines.
  • the first device may receive a set of PDUs, as discussed in reference to FIGs. 4, 5, and 7.
  • the first device may decrypt, at decryption block 404, 704, each PDU in the set of PDUs after the PDU is received to obtain a corresponding decrypted payload of the decrypted set of payloads, as discussed in reference to FIGs. 4, 5, and 7.
  • the first device may be configured to send a NACK after failing to properly validate a received CRC, based on the encrypted data, against a calculated CRC, based on the soft combined data.
  • the first device sending the NACK may indicate that the PDU was improperly received by the first device.
  • a first PDU (e.g., encrypted data 402, 702) may be received based on the sent NACK.
  • the first device may receive the first PDU (e.g., encrypted data 402, 702) and a first CRC that is based on the first PDU.
  • the first PDU e.g., encrypted data 402, 702
  • the first PDU may be encrypted based on a first nonce.
  • the first device may decrypt, at decryption block 404, 704, the first PDU (e.g., encrypted data 402, 702) to obtain a first payload (e.g., decrypted data 406, 710) and a first cipher stream (e.g., cipher stream 408, 712).
  • the decryption block 404, 704 receives the encrypted data 402, 702 and generates the decrypted data 406, 710 and a cipher stream 408, 712.
  • the first device may be configured to decrypt the first PDU, at decryption block 704, to obtain a first message integrity check (MIC).
  • MIC message integrity check
  • the first device may be configured to soft combine the decrypted first payload with a decrypted set of payloads.
  • the RTSC block 410, 714 may be configured to real time soft combine the decrypted data 406, 710 with a decrypted set of payloads.
  • the decrypted set of payloads may comprise previously received decrypted data packets, as discussed above in reference to 903.
  • the set of payload may have been encrypted based on at least one nonce different than the first nonce.
  • the set of payload may be encrypted based on a nonce that is the same as the first nonce.
  • the first device may be configured to append a payload header (e.g., payload header 502) to the soft combined decrypted payloads (e.g., soft combined decrypted data 412, 716) and zero padding (e.g., zero padding stream 504) the first cipher stream (e.g., cipher stream 408, 712) before generating a second CRC (e.g., calculated CRC 420, 724).
  • a payload header e.g., payload header 502
  • the soft combined decrypted payloads e.g., soft combined decrypted data 412, 716
  • zero padding e.g., zero padding stream 504
  • the first cipher stream e.g., cipher stream 408, 712
  • a second CRC e.g., calculated CRC 420, 724
  • the first device may be further configured to generate a second MIC (e.g., calculated MIC 728 of FIG. 7) based on the soft combined decrypted payloads (e.g., soft combined decrypted payloads 716).
  • a second MIC e.g., calculated MIC 728 of FIG. 7
  • the first device may be configured to generate a second CRC (e.g., calculated
  • the first device may be configured to generate a third CRC, at CRC generator 414, 718, based on the soft combined decrypted payloads (e.g., soft combined decrypted data 412, 716).
  • the first device may be further configured to generate a fourth CRC, at CRC generator 416, 720, based on the first cipher stream (e.g., cipher stream 408, 712).
  • the first device may be configured to XOR, at XOR 418, 722, the third CRC and the fourth CRC to obtain the second CRC (e.g., calculated CRC 420, 724).
  • the first device may be configured to append a header (e.g., header payload 502) to the soft combined decrypted payloads (e.g., soft combined decrypted data 412, 716) before generating the third CRC, at CRC generator 414, and zero padding (e.g., zero padding stream 504) the first cipher stream (e.g., cipher stream 408, 712) before generating the fourth CRC, at CRC generator 416, 720.
  • a header e.g., header payload 502
  • the soft combined decrypted payloads e.g., soft combined decrypted data 412, 716
  • zero padding e.g., zero padding stream 504
  • the first cipher stream e.g., cipher stream 408, 712
  • the first device may determine whether the generated second CRC (e.g., calculated CRC 420, 724) for the soft combined decrypted payloads passes a CRC check (e.g., block 422, 726) against the first CRC. If the generated second CRC does not pass the CRC check, then at 918, a NACK is sent by the first device to the second device, which results in a retransmission of the PDU and the process is repeated starting at 902. If the generated second CRC does pass the CRC check, then at 916, the first device may determine whether the generated second MIC (e.g., calculated MIC 728) passes a MIC check (e.g., MIC check 730) against the first MIC.
  • a CRC check e.g., block 422, 726
  • the generated second MIC does not pass the MIC check, then at 918, a NACK is sent by the first device to the second device, which may result in the retransmission of the PDU and the process is repeated starting at 902. If the generated second MIC does pass the MIC check, then at 920, the first device may transmit an ACK to the second device. The transmission of an ACK to the second device indicates that the PDU was properly received, such that the soft combined decrypted data 412, 716 was properly combined.
  • FIG. 10 is a conceptual data flow diagram 1000 illustrating the data flow between different means/components in an exemplary apparatus 1002.
  • the apparatus may be a first device (e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 1002') in communication with a second device (e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200).
  • a first device e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200
  • a second device e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200.
  • the apparatus may include a reception component 1004, a decryption component 1006, a first CRC generator component 1008, a soft combine component 1010, a decrypted payloads component 1012, a second CRC generator component 1014, an XOR component 1016, a CRC check component 1018, and a broadcast component 1020.
  • the reception component 1004 may be configured to receive a first PDU and a first
  • the first PDU (e.g., encrypted data 402) may be encrypted based on a first nonce.
  • the first device may receive a set of PDUs, and decrypt, at decryption block 404, each PDU in the set of PDUs after the PDU is received to obtain a corresponding payload of the decrypted set of payloads, as discussed in reference to FIGs. 4, 5 and 7.
  • the first device may be configured to send a NACK after failing to properly validate, at block 422, 726, a received CRC, based on the encrypted data, against a calculated CRC, based on the soft combined data.
  • the first device sending the NACK may indicate that the PDU was improperly received by the first device.
  • the first PDU (e.g., encrypted data 402, 702) may be received based on the sent NACK.
  • the decryption component 1006 may be configured to receive the encrypted data 402, 702 (e.g., first PDU) from the reception component 1004 and decrypt the first PDU to obtain a first payload and a first cipher stream.
  • the decryption block 404, 704 receives the encrypted data 402, 702 and generates the decrypted data 406, 710 and a cipher stream 408, 712.
  • the decryption component 1006 may be configured to decrypt the first PDU, by decryption block 704, to obtain a first message integrity check (MIC). In some aspects, the decryption component 1006 may be configured to generate a second MIC (e.g., calculated MIC 728 of FIG. 7) based on the soft combined decrypted payloads (e.g., soft combined decrypted payloads 716).
  • a second MIC e.g., calculated MIC 728 of FIG. 7
  • the first CRC generator component 1008 may be configured to receive the cipher stream 408, 712 from the decryption component 1006 and generate, at CRC generator 416, 720, a CRC based on the cipher stream 408, 712.
  • the soft combine component 1010 may be configured to soft combine, at RTSC block 410, 714, the decrypted first payload (e.g., decrypted data 406, 710) with a decrypted set of payloads.
  • the decrypted payloads component 1012 may be configured to store a set of payloads that have been encrypted based on at least one nonce different than the first nonce and provide the set of payloads to the soft combine component 1010. However, in some aspects, the set of payload may be encrypted based on a nonce that is the same as the first nonce. In some aspects, the decrypted set of payloads may comprise previously received decrypted data packets.
  • the second CRC generator component 1014 may be configured to receive the soft combined decrypted data from the soft combine component and generate a CRC, at CRC generator 414, 718, based on the soft combined decrypted data 412, 716.
  • the XOR component 1016 may be configured to receive the CRC generated by the first CRC generator component 1008 and the CRC generated by the second CRC generator component 1014 to generate a second CRC (e.g., calculated CRC 420, 724) based on the soft combined decrypted payloads (e.g., soft combined decrypted payloads 412, 716) and based on the first cipher stream (e.g., cipher stream 408, 712).
  • a payload header (e.g., payload header 502) may be appended to the soft combined decrypted payloads (e.g., soft combined decrypted data 412, 716) and zero padding (e.g., zero padding stream 504) may be appended to the first cipher stream (e.g., cipher stream 408, 712) before generating the second CRC (e.g., calculated CRC 420, 724).
  • the soft combined decrypted payloads e.g., soft combined decrypted data 412, 716
  • zero padding e.g., zero padding stream 504
  • the first cipher stream e.g., cipher stream 408, 712
  • the second CRC e.g., calculated CRC 420, 724
  • the CRC check component 1018 may be configured to determine whether the generated second CRC (e.g., calculated CRC 420, 724) for the soft combined decrypted payloads passes a CRC check (e.g., block 422, 726) against the first CRC.
  • the MIC check component 1020 may be configured to determine whether the calculated MIC (e.g., calculated MIC 728) passes a MIC check (e.g., block 730) against the first MIC.
  • the broadcast component 1022 may be configured to transmit an ACK or a NACK to the second device 1050 based on whether the generated second CRC (e.g., calculated CRC 420, 724) for the soft combined decrypted payloads passes a CRC check and/or whether the calculated MIC 728 passes a MIC check against the MIC received with the encrypted data. For example, if the calculated CRC 420, 724 passes the CRC check, then the broadcast component 1022 may transmit an ACK to the second device 1050 indicating that the PDU was properly received.
  • the generated second CRC e.g., calculated CRC 420, 724
  • the broadcast component 1022 may transmit an ACK to the second device 1050 indicating that the PDU was properly received.
  • the broadcast component 1022 may transmit a NACK to the second device 1050 indicating that the PDU was not properly received, and the second device 1050 retransmits another PDU.
  • the broadcast component 1022 may transmit the NACK to the second device 1050, while in some aspects, if the calculated MIC 728 does pass the MIC check, then the broadcast component 1022 may transmit the ACK to the second device 1050 indicating that the PDU was properly received.
  • the apparatus may include additional components that perform each of the blocks of the algorithm in the aforementioned flowcharts of FIGs. 4, 5, and 7. As such, each block in the aforementioned flowcharts of FIGs. 4, 5, and 7 may be performed by a component and the apparatus may include one or more of those components.
  • the components may be one or more hardware components specifically configured to carry out the stated processes/algorithm, implemented by a processor configured to perform the stated processes/algorithm, stored within a computer-readable medium for implementation by a processor, or some combination thereof.
  • FIG. 11 is a diagram 1100 illustrating an example of a hardware implementation for an apparatus 1002' employing a processing system 1114.
  • the processing system 1114 may be implemented with a bus architecture, represented generally by the bus 1124.
  • the bus 1124 may include any number of interconnecting buses and bridges depending on the specific application of the processing system 1114 and the overall design constraints.
  • the bus 1124 links together various circuits including one or more processors and/or hardware components, represented by the processor 1104, the components 1004, 1006, 1008, 1010, 1012, 1014, 1016, 1018, 1020, 1022 and the computer-readable medium / memory 1106.
  • the bus 1124 may also link various other circuits such as timing sources, peripherals, voltage regulators, and power management circuits, which are well known in the art, and therefore, will not be described any further.
  • the processing system 1114 may be coupled to a transceiver 1110.
  • the transceiver 1110 may be coupled to a transceiver 1110.
  • the transceiver 1110 is coupled to one or more antennas 1120.
  • the transceiver 1110 provides a means for communicating with various other apparatus over a transmission medium.
  • the transceiver 1110 receives a signal from the one or more antennas 1120, extracts information from the received signal, and provides the extracted information to the processing system 1114, specifically the reception component 1004.
  • the transceiver 1110 receives information from the processing system 1114, specifically the broadcast component 1020, and based on the received information, generates a signal to be applied to the one or more antennas 1120.
  • the processing system 1114 includes a processor 1104 coupled to a computer-readable medium / memory 1106.
  • the processor 1104 is responsible for general processing, including the execution of software stored on the computer-readable medium / memory 1106.
  • the software when executed by the processor 1104, causes the processing system 1114 to perform the various functions described supra for any particular apparatus.
  • the computer- readable medium / memory 1106 may also be used for storing data that is manipulated by the processor 1104 when executing software.
  • the processing system 1114 further includes at least one of the components 1004, 1006, 1008, 1010, 1012, 1014, 1016, 1018, 1020, and 1022.
  • the components may be software components running in the processor 1104, resident/stored in the computer readable medium / memory 1106, one or more hardware components coupled to the processor 1104, or some combination thereof.
  • the apparatus 1002/1002' for wireless communication may include means for receiving a first packet data unit (PDU) and a first cyclic redundancy check (CRC) that is based on the first PDU, the first PDU being encrypted based on a first nonce, means for decrypting the first PDU to obtain a first payload and a first cipher stream, means for soft combining the decrypted first payload with a decrypted set of payloads, the set of payloads having been encrypted based on at least one nonce different than the first nonce, means for generating a second CRC based on the soft combined decrypted payloads and based on the first cipher stream, means for determining whether the generated second CRC for the soft combined decrypted payloads passes a CRC check against the first CRC, means for receiving a set of PDUs, means for decrypting each PDU in the set of PDUs after the PDU is received to obtain a corresponding decrypt
  • FIG. 12 is a flowchart 1200 of a method of wireless communication.
  • the method may be performed by a first device (e.g., the central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 1002/1002') in communication with a second device (e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200).
  • a second device e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200.
  • FIG. 12 optional operations are indicated with dashed lines.
  • the first device may be configured to receive a set of PDUs, as discussed in reference to FIGs. 6 and 8.
  • the first device may decrypt, at decryption block 604, 804, each PDU in the set of PDUs after the PDU is received to obtain a corresponding decrypted payload of the decrypted set of payloads, as discussed in reference to FIGs. 6 and 8.
  • the first device may be configured to send a NACK after failing to properly validate a received CRC, based on the encrypted data, against a calculated CRC, based on the soft combined data.
  • the first device sending the NACK may indicate that the PDU was improperly received by the first device.
  • a first PDU (e.g., encrypted data 602, 802) may be received by the first device based on the sent NACK.
  • the first device may receive a first PDU (e.g., encrypted data 602, 802) and a first CRC that is based on the first PDU.
  • a first PDU e.g., encrypted data 602, 802
  • the first PDU may be encrypted based on a first nonce.
  • the first device may be configured to decrypt, at decryption block 604, 804, the first PDU (e.g., encrypted data 602, 802) to obtain a first payload (e.g., decrypted data 606, 810).
  • the decryption block 604, 804 receives the encrypted data 602, 802 and generates the decrypted data 606, 810.
  • the first device may be configured to decrypt, at decryption block 804, the first PDU (e.g., encrypted data 802) to obtain a first MIC.
  • the first device may be configured to soft combine, at RTSC block 608, 812, the decrypted first payload (e.g., decrypted data 606, 810) with a decrypted set of payloads to obtain an error bitmap 610, 814.
  • the set of payloads have been encrypted based on at least one nonce different than the first nonce.
  • the set of payloads may be encrypted based on a nonce that is the same as the first nonce.
  • the first device may be configured to generate a second MIC (e.g., calculated MIC 824) based on the soft combined decrypted payloads (e.g., soft combined decrypted data 816).
  • the decrypted data 810 is soft combined at the RTSC block 812 and the soft combined decrypted data 816 is outputted back to the decryption block 804, so that that decryption block 804 can further decrypt the soft combined decrypted data 816 to obtain the second MIC (e.g., calculated MIC 824).
  • the decryption block 804 may comprise an AES block for MIC calculation 808, which receives the soft combined decrypted data 816 and generates a calculated MIC 824 based on the soft combined decrypted data 816.
  • the first device may be configured to XOR, at XOR 612, 818, the received first PDU (e.g., encrypted data 602, 802) with the obtained error bitmap 610, 814 to obtain a soft combined encrypted payload.
  • the first device may be configured to generate a second CRC (e.g., calculated CRC 820) based on the soft combined encrypted payload 614 which is the result of the XOR of the received first PDU (e.g., encrypted data 602, 802) and the obtained error bitmap 610, 814.
  • a second CRC e.g., calculated CRC 820
  • the first device may determine whether the generated second CRC (e.g., calculated CRC 820) for the soft combined encrypted payload (e.g., soft combined encrypted data 614) passes a CRC check, at CRC check 616, 822, against the first CRC based on the encrypted data 602, 802. If the generated second CRC does not pass the CRC check, the at 1220, a NACK is sent by the first device to the second device, which results in a retransmission of the PDU, and the process is repeated starting at 1202.
  • the generated second CRC e.g., calculated CRC 820
  • the soft combined encrypted payload e.g., soft combined encrypted data 614
  • the first device may determine whether the generated second MIC (e.g., calculated MIC 824) passes a MIC check (e.g., MIC check 826) against the first MIC. If the generated second MIC does not pass the MIC check, then at 1220, a NACK is sent by the first device to the second device, which may result in the retransmission of the PDU and the process is repeated starting at 1202. If the generated second MIC does pass the MIC check, then at 1222, the first device may transmit an ACK to the second device. The transmission of an ACK to the second device indicates that the PDU was properly received, such that the soft combined decrypted data performed at RTSC block 608, 812, was properly combined.
  • a MIC check e.g., MIC check 826
  • an ACK may be sent by the first device when both the generated second CRC (e.g., calculated CRC 820) passes the CRC check 616 against the first CRC and the generated second MIC (e.g., calculated MIC 824) passes a MIC check 826 against the first MIC.
  • the generated second CRC e.g., calculated CRC 820
  • the generated second MIC e.g., calculated MIC 824
  • FIG. 13 is a conceptual data flow diagram 1300 illustrating the data flow between different means/components in an exemplary apparatus 1302.
  • the apparatus may be a first device (e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200, the apparatus 1002') in communication with a second device (e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200).
  • a first device e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200
  • a second device e.g., central device 102, peripheral device 104, 106, 108, 110, 112, 114, wireless device 200.
  • the apparatus includes a reception component 1304, a decryption component 1306, a soft combine component 1308, a decrypted payloads component 1310, an XOR component 1312, a CRC generator component 1314, a CRC check component 1316, MIC check component 1318, and a broadcast component 1320.
  • the reception component 1304 may be configured to receive a first PDU and a first
  • the first PDU (e.g., encrypted data 602, 802) may be encrypted based on a first nonce.
  • the first device may receive a set of PDUs, and decrypt, at decryption block 604, 804, each PDU in the set of PDUs after the PDU is received to obtain a corresponding payload of the decrypted set of payloads, as discussed in reference to FIGs. 6, 8.
  • the first device may be configured to send a NACK after failing to properly validate, at block 616, 822 a received CRC, based on the encrypted data, against a calculated CRC, based on the soft combined data.
  • the first device sending the NACK may indicate that the PDU (e.g., encrypted data 602, 802) was improperly received by the first device.
  • the first PDU e.g., encrypted data 602, 802
  • the first PDU may be received based on the sent NACK.
  • the decryption component 1306 may be configured to receive the encrypted data
  • first PDU (e.g., first PDU) from the reception component 1304 and decrypt, at decryption block 604, 804, the first PDU to obtain a first payload (e.g., decrypted data 606, 810).
  • first PDU may be decrypted further, at decryption block 804, to obtain a first MIC corresponding to the first PDU (e.g., encrypted data 602, 802).
  • the soft combine component 1308 may be configured to soft combine, at RTSC block
  • the decrypted first payload (e.g., decrypted data 606, 810) with a decrypted set of payloads to obtain an error bitmap 814.
  • the set of payloads have been encrypted based on at least one nonce different than the first nonce.
  • the set of payload may be encrypted based on a nonce that is the same as the first nonce.
  • the MIC generator component 1318 may be configured to generate a second MIC (e.g., calculated MIC 824) based on the soft combined decrypted payloads (e.g., soft combined decrypted data 816).
  • the decrypted data 810 is soft combined at the RTSC block 812 and the soft combined decrypted data 816 is outputted back to the decryption block 804, so that that decryption block 804 can further decrypt the soft combined decrypted data 816 to obtain the second MIC (e.g., calculated MIC 824).
  • the decryption block 804 comprises an AES block for MIC calculation 808, which receives the soft combined decrypted data 816 and generates a calculated MIC 824 based on the soft combined decrypted data 816.
  • the XOR component 1312 may be configured to receive the error bitmap 814 from the soft combine component 1308 and receive the encrypted data 802 to perform an XOR operation between the error bitmap 814 and the encrypted data 802 to obtain a soft combined encrypted payload (e.g., soft combined encrypted data 614).
  • the CRC generator component 1314 may receive the soft combined encrypted data from the XOR component 1312 in order to generate a second CRC (e.g., calculated CRC 820) based on the soft combined encrypted payload 614.
  • the CRC check component 1316 may be configured to determine whether the generated second CRC (e.g., calculated CRC 820) for the soft combined encrypted payload (e.g., soft combined encrypted data 614) passes a CRC check, at CRC check 616, against the first CRC based on the encrypted data 602.
  • the MIC check component 1320 may be configured to determine whether the generated MIC (e.g., calculated MIC 824) passes a MIC check (e.g., block 826) against the first MIC based on the encrypted data.
  • the broadcast component 1322 may be configured to transmit an ACK when both the generated CRC (e.g., calculated CRC 820) passes the CRC check 822 against the first CRC based on the first PDU, and when the generated second MIC (e.g., calculated MIC 824) passes the MIC check 826 against the first MIC based on the first PDU. If the generated second CRC does not pass the CRC check then the broadcast component 1322 may transmit a NACK to the second device, which may result in a retransmission of the PDU.
  • the generated CRC e.g., calculated CRC 820
  • the generated second MIC e.g., calculated MIC 824
  • the MIC check component 1320 may determine whether the generated second MIC (e.g., calculated MIC 824) passes the MIC check (e.g., MIC check 826) against the first MIC. If the generated second MIC does not pass the MIC check, then the broadcast component 1322 may send NACK to the second device, which may result in the retransmission of the PDU. If the generated second MIC does pass the MIC check, then the broadcast component 1322 may transmit an ACK to the second device 1350. The transmission of an ACK to the second device 1350 indicates that the PDU was properly received, such that the soft combined decrypted data performed at RTSC block 608, 812, was properly combined.
  • the generated second MIC e.g., calculated MIC 824
  • the broadcast component 1322 may send NACK to the second device, which may result in the retransmission of the PDU. If the generated second MIC does pass the MIC check, then the broadcast component 1322 may transmit an ACK to the second device 1350. The transmission of an
  • the apparatus may include additional components that perform each of the blocks of the algorithm in the aforementioned flowcharts of FIGs. 6 and 8. As such, each block in the aforementioned flowcharts of FIGs. 6 and 8 may be performed by a component and the apparatus may include one or more of those components.
  • the components may be one or more hardware components specifically configured to carry out the stated processes/algorithm, implemented by a processor configured to perform the stated processes/algorithm, stored within a computer-readable medium for implementation by a processor, or some combination thereof.
  • FIG. 14 is a diagram 1400 illustrating an example of a hardware implementation for an apparatus 1302' employing a processing system 1414.
  • the processing system 1414 may be implemented with a bus architecture, represented generally by the bus 1424.
  • the bus 1424 may include any number of interconnecting buses and bridges depending on the specific application of the processing system 1414 and the overall design constraints.
  • the bus 1424 links together various circuits including one or more processors and/or hardware components, represented by the processor 1404, the components 1304, 1306, 1308, 1310, 1312, 1314, 1316, 1318 and the computer- readable medium / memory 1406.
  • the bus 1424 may also link various other circuits such as timing sources, peripherals, voltage regulators, and power management circuits, which are well known in the art, and therefore, will not be described any further.
  • the processing system 1414 may be coupled to a transceiver 1410.
  • the transceiver 1410 may be coupled to a transceiver 1410.
  • the 1410 is coupled to one or more antennas 1420.
  • the transceiver 1410 provides a means for communicating with various other apparatus over a transmission medium.
  • the transceiver 1410 receives a signal from the one or more antennas 1420, extracts information from the received signal, and provides the extracted information to the processing system 1414, specifically the reception component 1304.
  • the transceiver 1410 receives information from the processing system 1414, specifically the broadcast component 1320, and based on the received information, generates a signal to be applied to the one or more antennas 1420.
  • the processing system 1414 includes a processor 1404 coupled to a computer-readable medium / memory 1406.
  • the processor 1404 is responsible for general processing, including the execution of software stored on the computer-readable medium / memory 1406.
  • the software when executed by the processor 1404, causes the processing system 1414 to perform the various functions described supra for any particular apparatus.
  • the computer- readable medium / memory 1406 may also be used for storing data that is manipulated by the processor 1404 when executing software.
  • the processing system 1414 further includes at least one of the components 1304, 1306, 1308, 1310, 1312, 1314, 1316, 1318, 1320, and 1322.
  • the components may be software components running in the processor 1404, resident/stored in the computer readable medium / memory 1406, one or more hardware components coupled to the processor 1404, or some combination thereof.
  • the apparatus 1302/1302' for wireless communication may include means for receiving a first packet data unit (PDU) and a first cyclic redundancy check (CRC) that is based on the first PDU, the first PDU being encrypted based on a first nonce, means for decrypting the first PDU to obtain a first payload, means for obtaining an error bitmap by soft combining the decrypted first payload with a decrypted set of payloads, the set of payloads having been encrypted based on at least one nonce different than the first nonce, means for XORing the received first PDU with the obtained error bitmap to obtain a soft combined encrypted payload, means for generating a second CRC based on the soft combined encrypted payload, means for determining whether the generated second CRC for the soft combined encrypted payload passes a CRC check against the first CRC, means for receiving a set of PDUs, means for decrypting each PDU in the set of PDUs after the PDU is received
  • CRC cyclic red
  • the aforementioned means may be one or more of the aforementioned processor(s) 202, the short-range communications controller 252, and/or radio 230 in FIG. 2, components of apparatus 1002/1002' configured to perform the functions recited by the aforementioned means.
  • the present disclosure discusses the scheme of validating the combination of decrypted data packets in relation to BLE technologies, it is understood that such scheme may also be applicable to BT technologies.
  • the scheme may be applied to 802.15.4 based protocols, such as Zigbee, or any other wireless protocol wherein a packet and its retransmitted packets may be sent using different encryption parameters.
  • Combinations such as“at least one of A, B, or C,”“one or more of A, B, or C,”“at least one of A, B, and C,”“one or more of A, B, and C,” and“A, B, C, or any combination thereof’ include any combination of A, B, and/or C, and may include multiples of A, multiples of B, or multiples of C.
  • combinations such as“at least one of A, B, or C,”“one or more of A, B, or C,”“at least one of A, B, and C,”“one or more of A, B, and C,” and“A, B, C, or any combination thereof’ may be A only, B only, C only, A and B, A and C, B and C, or A and B and C, where any such combinations may contain one or more member or members of A, B, or C.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
EP19836218.8A 2019-11-13 Real-time soft combining, crc validation, and mic validation of decrypted packets Active EP3895355B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/218,396 US11553343B2 (en) 2018-12-12 2018-12-12 Real-time soft combining, CRC validation, and MIC validation of decrypted packets
PCT/US2019/061150 WO2020123081A1 (en) 2018-12-12 2019-11-13 Real-time soft combining, crc validation, and mic validation of decrypted packets

Publications (2)

Publication Number Publication Date
EP3895355A1 true EP3895355A1 (en) 2021-10-20
EP3895355B1 EP3895355B1 (en) 2024-10-30

Family

ID=

Also Published As

Publication number Publication date
CN113169829B (zh) 2024-02-20
US11553343B2 (en) 2023-01-10
TWI818116B (zh) 2023-10-11
US20230111742A1 (en) 2023-04-13
TW202030608A (zh) 2020-08-16
WO2020123081A1 (en) 2020-06-18
US20200196153A1 (en) 2020-06-18
CN113169829A (zh) 2021-07-23

Similar Documents

Publication Publication Date Title
US20230111742A1 (en) Real-time soft combining, crc validation, and mic validation of decrypted packets
US10911184B2 (en) Error correction for data packets in short-range wireless communications systems
US10784993B1 (en) Soft combining packets received from different piconets
US20200329052A1 (en) System and method for aligning a packet counter in short-range wireless communications systems
US11558155B2 (en) Broadcast relay piconet for low energy audio
US11452005B2 (en) System and method for construction of a protocol data unit using selective relay
US11275648B2 (en) Empty data packet hard align
US10367609B2 (en) Error correction for data packets transmitted using an asynchronous connection-less communication link
TWI779383B (zh) Br/edr 鏈路的mic 恢復
EP3895355B1 (en) Real-time soft combining, crc validation, and mic validation of decrypted packets
TWI857219B (zh) 用於低能量音訊的廣播中繼微微網的方法、裝置和電腦可讀取媒體
TW202011718A (zh) 用於使用非同步無連接通訊鏈路發送的資料封包的糾錯

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20210518

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20230526

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602019061240

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0001180000

Ipc: H04L0009400000

Ref country code: DE

Ref legal event code: R079

Free format text: PREVIOUS MAIN CLASS: H04L0001180000

Ipc: H04L0009400000

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 1/00 20060101ALN20240418BHEP

Ipc: H04L 1/1829 20230101ALI20240418BHEP

Ipc: H04L 1/18 20060101ALI20240418BHEP

Ipc: H04L 9/06 20060101ALI20240418BHEP

Ipc: H04L 9/40 20220101AFI20240418BHEP

INTG Intention to grant announced

Effective date: 20240507

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED